Risk Advisory Consultant/Assistant/Deputy Manager - Cyber Risk/ISMS/BCMS - Consulting Firm

The Team helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient now only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

As a part of our Risk Advisory team, you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.

Youll:

- Assist in multiple client engagements related to Cyber Security, Information Security, and third-party /vendor risk

- ISMS & BCMS implementation, Third-Party Risk Assessments and Gap/Maturity assessment.

- Lead teams or independently work on risk assessments or IT audits

- Conducting gap assessment/maturity assessment for implementation of Information security management system for clients

- Lead teams or independently conduct security assessments for websites and applications

- Collaborate with other members of the engagement team to plan and develop relevant work papers/deliverables for vendor information security reviews, define the approach for vendor assessment and develop a vendor evaluation model

- Handle key activities of assessment/ audit life cycle: planning, execution, reporting, QA and tracking

- Provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental and/or specialized issues

- Demonstrate strong project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services

- Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding the project's progress

- Experience working with information security principles and best practice (e.g. ISO27001) backed by proven ability to engage with technical and business professionals

- Strong knowledge of information security standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI DSS, HITRUST, etc.

- In depth understanding within the following risk domains/technologies: Access Control, Asset Management, Network and Operations Management, Physical Security, Secure Software Development, Business Continuity Management, Cryptography etc.

- Fluent in English, writing and speaking

- Strong oral and written communications skills, and be able to work effectively and build relationships with others

- Analytical and problem-solving skills

- The ability to multi-task, prioritize work, and work independently

- A high level of integrity and customer focus

- Commitment to work with diverse clientele and colleagues spread globally

Qualifications :

- BE in Computer Science/IT, MBA (IT)

- Offensive Security Certified Professional, CISA